Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A Wake-Up Call for Endpoint Security: EPP in 2024

The Importance of EPP: With cyber attacks continuing unabated, neglecting endpoint security is dangerous and potentially catastrophic. Organisations must adopt reliable endpoint security solutions to prevent threat actors from hijacking business systems or stealing sensitive data. Kaspersky: The recent decision by the US government to ban the sales of Kaspersky antivirus software due to its ties to Russia underscores the importance of a trustworthy software supply chain.

Tech Talk: Abusing ESC13 from Linux

This is a Bulletproof Tech Talk article: research from our penetration testing team covering issues, news, and tech that interests them. It’s more technical and in-depth than our usual blog content, but no less interesting. In the complex landscape of Active Directory, ensuring secure and appropriate access is a constant challenge. Recently another "ESC" technique has been released which is known as ESC13.

Learn about ISO 27001 Penetration Testing and its requirements

ISO 27001, the internationally recognised standard for information security management systems (ISMS), provides a framework for organisations to protect their valuable information assets. Penetration testing is crucial in preventing data breaches and maintaining the business’s reputation. ISO 27001 strongly recommends it as a critical tool for assessing an organisation’s security posture and ensuring compliance with control A.12.6.1, which focuses on managing technical vulnerabilities.

PCI DSS Penetration Testing Guide

The Payment Card Industry Data Security Standard (PCI DSS) is a global cornerstone for safeguarding cardholder data. PCI DSS version 4.0, the most recent iteration, emphasises a dynamic, risk-based approach to security, compelling organisations to tailor their controls to their unique environments. PCI DSS penetration tests are crucial for meeting and maintaining security standards.

England's Cybercrime Snapshot: Key Trends of 2024

As we navigate through 2024, The Cyber Helpline has been at the forefront of providing critical support to individuals facing cyber threats. Between January 1st and May 31st, our Chatbot opened over 1,800 cases across England, offering a detailed glimpse into the current state of cybersecurity. Here’s what we’ve discovered.

Fireblocks x Cosmos: Exploring THORChain

THORChain is a network that facilitates native asset settlement between various blockchains including Bitcoin, Ethereum, BNB Chain, Cosmos, and more. Overall, THORChain aims to provide a seamless and efficient way for users to exchange assets across different blockchains while maintaining a high level of decentralization, security, and community participation.

Don't Get Salted: Why API Inventory is Key to PCI DSS 4.0 Compliance (and How Salt Security Can Help You Achieve It)

The Payment Card Industry Data Security Standard (PCI DSS) is the gold standard for protecting cardholder data. With the recent release of version 4.0, the focus on securing APIs has intensified. But what does this mean for your organization, and why shouldn't you take API security with a grain of salt (pun intended)?

Understanding TLPT: A Comprehensive Guide to Threat-Led Penetration Testing

Imagine your financial data behind a seemingly impenetrable wall, but in reality, it's akin to a fortress with invisible cracks. That is a world without Threat-Led Penetration Testing (TLPT). As cyber threats become more nuanced and lethal, TLPT stands as a specialised sentinel in the arsenal of financial institutions, safeguarding sensitive assets through the simulation of real-world attacks.

How To Disable Your Browser-Based Password Manager

If you save your passwords in a browser password manager, your passwords may be at risk of becoming compromised. This is because browsers frequently remain logged in, meaning if someone gained access to your device they’d have access to all your stored passwords. Additionally, if your browser were to become compromised, everything stored in your browser would also be at risk of becoming compromised due to weak encryption standards.